A variety of techniques can be provided by a programming-language implementation to enforce protection, but any of these must depend on some degree of support from an underlying machine and its operating system.
For example, suppose a language is used to generate code to run on the Cambridge CAP system.
On this system, every storage reference made on the underlying hardware occurs indirectly through a capability.
This restriction prevents any process from accessing a resource outside of its protection environment at any time.
However, a program may impose arbitrary restrictions on how a resource can be used during execution of a particular code segment.
We can implement such restrictions most readily by using the software capabilities provided by CAP.
A language implementation might provide standard protected procedures to interpret software capabilities that would
realize the protection policies that could be specified in the language.
This scheme puts policy specification at the disposal of the programmers, while freeing them from implementing its enforcement.